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Abstract — In Cloud computing PPH private public and hybrid respectively the cloud ments are 

available in now a days. Cloud computing has many benefits and security challejij^s i^various cloud 
environments. But regarding some business-critical applications, the organiza|Wn^y especially large 
enterprises, still may not move them to cloud. The market size of the cloud coggafciflg shared is still far 
behind the one's expectation. From the consumer's perspective, cloud co§»n1^ig security concerns, 
especially protecting critical information in various cloud environment issues, i^^in the primary inhibitor 
for adoption of cloud computing services. This paper provides the^Hie/Ie^fit* and security challenges in 
various cloud environment and techniques and solution for variousJ^fl^fw security challenges of various 
cloud environments. Finally, this paper describes future research wa^^bout protecting critical information 
in cloud by using all these techniques to overcome time process faJhimg utilities in cloud computing by the 
reduce cost by performing better way. 
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I. Ira 

iness 

computing technologies can be implemenrfoWra wide variety of architectures, like different service and 
deployment models, and can coexist wWrofclaer technologies and software design approaches. The global 
cloud computing market is grow frAn^aN*)re.7 billion in 2011 to $241 billion in 2020, according to Forrester 
Research. . 

On the way to all of the grov^^^k few notable reports. 

• For starters, tb^^filistructure as a service market will peak a $5.9 billion in global revenue in 2014 
and then caier^mtization, price pressure and falling margins. 

• BusinesW\jc/ss as a service will be notable, but face modest revenue. 

• Virtu^Tz«K)n will recede to the background as new technologies take over. 

To deterfajy^vhether the increased risks of truly worth the agility and economic benefits. Maintaining 
conto)fowr the critical information is paramount to cloud success. A decade ago, enterprise data typically 
r^delj in the organization's physical infrastructure, on its own servers in the enterprise's data center, 
whl|^the sensitive data in individual physical servers. Today, with virtualization and the cloud, data may 
be under the organization's logical control, but physically reside in infrastructure owned and managed by 
another entity. 

As we shown in figure 1. This shift in control is the number one reason new approaches and techniques are 
required to ensure organizations can maintain data security. When an outside party owns, controls, and 
manages infrastructure and computational resources, how can you be assured that business or regulatory 
data remains private and secure, and that your organization is protected from damaging data breaches — 
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and feel you can still 
requirements? 



mpletely satisfy the full range of reporting, complia 



and regulatory 



In this paper we describe the following: 

• The benefits of cloud computing 

• Cloud Computing Security Challenges 

• Techniques for Protecting Data in the Cloud 

• Cloud Security Solutions 



The Benefits of Cloud Computing 

In recent years, cloud computing has emerged as an important solution offering enterpris^s^^ttentially 
cost for effective model to ease their computing needs and accomplish business requuMen|^> Considering: 




sL. 



Clow^Computing 

cr 



igure l Cloud Environments 



As shown in Figure l 

a) Optimized serybt^Clllization - In most of enterprises typically underutilize their i 
computing resfl^^g^ cloud computing will manage the server utilization to an optimum level. 

b) Cost savine^/lhfrastructure costs are almost always minimal and are treated as a capital expense 
(CAPEJi^frhVrever if the IT infrastructure usually becomes an operating expense (OPEX). In some 
countj»^£nis results in a tax advantage regarding income taxes. Also, cloud computing cost 
savif^|an be realized via resource pooling. 

c) L^ApVnit scalability - many enterprises include a reasonably large buffer from their average 
^^rrputing requirement, just to ensure that capacity in a place to satisfy peak demand. Cloud 

S ^^cmputing provides an extra processing buffer as needed when a low cost and without the capital 
investment or contingency fees to the users. 

II. Security Reasons in Cloud Area 

Data protection tops the list of cloud concerns today. Vendor security capabilities are key to establishing 
strategic to manage the cloud infrastructure, but are often uneasy about granting them visibility into 
sensitive data, to use the cloud due to cost savings and new agile business models. But when it comes to 
cloud security, it's important to understand the various threat landscape that comes into play. There are 
complex data security challenges in the cloud: 
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• The need to protect confidential business, government, or regulatory data 

• Cloud service models with multiple tenants sharing the same infrastructure 

• Data mobility and legal issues relative to such government rules as the EU Data Privacy Directive 

• Lack of standards about how cloud service providers securely recycle disk space and erase existing 
data 



Such issues give rise to tremendous anxiety about security risks in the cloud. Enterprises worry whether 
they can trust their employees or need to implement additional internal controls in the private cloud, and 
whether third-party providers can provide adequate protection in multitenant environments that ma^S^p 
store competitor data. 

Specific security challenges pertain to each of the three cloud service models — Software as a (SaaS), 



Techniques for Protecting Data in the Cloud 




In Traditional models of data protection have often focused on network-centrfc^id perimeter security, 
frequently with devices such as firewalls and intrusion detection systems. (S^uiis approach does not 
provide sufficient protection against APTs, privileged users, or other insklkius tvpts of security attacks. 

It is important to utilize security controls that protect sensitive A^^ip matter where it lives, as point 
solutions by their very nature provide only limited visibility. An {ffyive cloud security solution should 
incorporate three key capabilities: 

• Data lockdown 

• Access policies 

• Security intelligence 

First, make sure that data is not readable and tnSlwthe solution offers strong key management. Second, 
implement access policies that ensure onlv^^M^orized users can gain access to sensitive information, so 
that even privileged users such as root ug,eJ^aVinot view sensitive information. Third, incorporate security 
intelligence that generates log informjtffcnjwhich can be used for behavioral analysis to provide alerts that 
trigger when users are performing aj^^tas outside of the norm. 

^J^^ Cloud Security Solutions 
Secure access to cloud nCTOwrees with intelligent authentication tokens — 

Ensuring that only aJl^^tzed users gain access to cloud-based resources is critical for cloud providers and 
enterprises. Proliidkrsjieed to ensure proper access controls for users at client sites, and for administrators 
within the ser^ffl^rovider's organization. 

Secure c§q^%raphic key storage — 

»graphic system and trust in the protected data is only as strong as the underlying protection of 
kkdfs used to encrypt data. A centralized, hardened security appliance manages cryptographic keys, 
access control, and other security policies. In addition, a virtualized instance of this appliance is deployed in 
the cloud to replicate policies and security enforcement on the data. 

Secure storage in the cloud across file, application, and database systems — 

Driven by a need to use the cloud's elastic storage, enterprises can securely store data in the cloud, 
effectively using the cloud for the backup, disaster recovery, and archival of data. Protection of stored data 
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through a hardened appliance that centralizes encryption processing, keys, 
administration across file, application, and database systems. 



ig, auditing, and policy 



III. Implemented Methodologies in Infrastructure within Public and Hybrid Clouds- 
Clouds are a target rich environment for cyber-attacks on the interconnected critical fabric that weaves 
together the elastic computing, storage and connectivity in the back-end of the cloud data centers.it 
provides strong Layer 3 and Layer 2 link encryption solutions to harden this critical network infrastructure 
while maintaining low-latency — high throughput data exchanges to keep the cloud operating at^peak 
efficiency. Together, these solutions deliver the critical capabilities required for a robust, cost-effecti^^rra 
secure cloud security implementation. 




SaaS Architectural Maturity Level 4-Scalabl^^ mis fourth SaaS maturity level, scalability is added by using 
a multitier architecture. This architecfcr\ ts capable of supporting a load-balanced farm of identical 
application instances running onCa^ararole number of servers, sometimes in the hundreds or even 
thousands. System capacity can<be cfyVunically increased or decreased to match load demand by adding or 
g servers, with no needfor^fiirther alteration of application software architecture. 



Coming to the Key Characteristics of SaaS 



tally available software from central 
; site, enabling end user customers to access 



A Network-tJt^» management and acce 
location ratH^r than at each end use customer's 
applicai^^femotely via the Internet. 

Applrfwichi delivery from a one-to-many model (single-instance, multitenant architecture), as 
to a traditional one-to-one model. Centralized enhancement and patch updating that 
tes any need for downloading and installing by a user. SaaS is often used in conjunction with a 
network of communications and collaboration software, sometimes as a plug-in to a PaaS 
architecture. 

2. Coming to the Benefits of the SaaS Model 

Application deployment cycles inside companies can take years, consume massive resources, and yield 
unsatisfactory results 

i. Streamlined administration 

ii. Automated update and patch management services 
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iii. Data compatibility across the enterprise (all users have the sa 

iv. Facilitated, enterprise-wide collaboration 

v. Global accessibility 

As we have pointed out previously, server virtualization can be used in SaaS architectures, either in place of 
or in addition to multi tenancy. A major benefit of platform virtualization is that it can increase a system's 
capacity without any need for additional programming. Conversely, a huge amount of programming may be 
required in order to construct more efficient, multitenant applications. The effect of combining multi 
tenancy and platform virtualization into a SaaS solution provides greater flexibility and performance tffthe 
end user. 

b).End use access in Location of Encryption Devices only /">^? 



With end-to-end encryption, the encryption process is carried out at the two end sy 
or terminal encrypts the data. The data, in encrypted form, are then transmittei 
network to the destination terminal or host. The destination shares a key with the 
decrypt the data. This approach would seem to s 
or switches. There is, however, still a weak spot. 



Thus, with end-to-end encryption, the user data are secure. However, 
packet headers are transmitted in the clear. To achieve greate^^^x 
encryption are needed, as is shown in Cj* 

0 



is^he source host 
altered across the 
and so is able to 

the transmission against atG<Ss on the network links 

y 

raffle pattern is not, because 
!ty, both link and end-to-end 



To summarize, when 
end-to-end encrypti 




4 Encryption across a Packet-Switching Network 



'ms are employed, the host encrypts the user data portion of a packet using an 
The entire packet is then encrypted using a link encryption key. As the packet 
traverses the ne^^rkjeach switch decrypts the packet using a link encryption key to read the header and 
then encrypts ^^^^ntire packet again for sending it out on the next link. Now the entire packet is secure 
except for thvV^pe that the packet is actually in the memory of a packet switch, at which time the packet 
header is«uTO« clear. 



UsirTf all 



VI. Result 



Using all the mentioned techniques in cloud the data is protected by using the end to end connection 
establishment with encryption and decryption. Validation does not identify the server to the end user. For 
true identification, the end user must verify the identification information contained in the server's 
certificate (and, indeed, its whole issuing CA chain). This is the only way for the end user to know the 
"identity" of the server, and this is the only way identity can be securely established, verifying that the URL, 
name, or address that is being used is specified in the server's certificate. More important, an understanding 
of why they have evolved. Standards are important, to be sure, but most of these standards evolved from 
individuals taking a chance on a new innovation in end user access in best way. 
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V. Conclusion 

By Using all these techniques cloud will provide more securities services for various areas to utilize various 
contributions from cloud. This paper provided an overview of end-user access to cloud computing. We first 
talked about key trends we believe will drive collaboration further into the cloud environment. We chose 
five significant entities to present you with an overview of the types and levels of capability available in the 
cloud today-things you can use now. YouTube, an online video repository, has an amazing hold on the 
global audience. Collaboration suites such as Zoho both enhance mobility and allow you to maintain a 
virtual office in the cloud. Social networking with Facebook has become very popular, especiaU^in 
academic settings. Zoho is a SaaS vendor to watch. Backed by Google, Zoho offers something for evei^^e-7 

Finally by using the Cloud Computing we can Increase the Processing capabilities can be usedVrtl secure 
manner whenever we using the more effective algorithms. Than End user access qui<fa^ m Cloud 
Computing SaaS can be utilize more effective manner in various sections as categorie#J3y\king the Cloud 
Computing We can Smoothly using the algorithms in less burden. By Using DefaAjc Address to avoid 
unauthorized whenever IP Spoofing occurs. By Repairing those IP Address it consuiCe^nore time so avoid 
so those thing we can immediately use the next IP Address. 

IV. Future work: * 

For data security and privacy protection issues, the fundamental ch^taA^are separation of sensitive data 
and access control. Our objective is to design a set of unified iden(^ySmfenagement and privacy protection 
frameworks across applications or cloud computing services. A^ftoWlity of employees in organizations is 
relatively large, identity management system should achkrve^ifore automatic and fast user account 
provisioning and de-provisioning in order to ensure no^\-a*uthorized access to organizations' cloud 
resources by some employees who has left the organiza±itffr!»Authorization and access control mechanisms 
should achieve a unified, reusable and scalable acca^^Wntrol model and meet the need of fine-grained 
access authorization. Accountability based privacy^^iection mechanisms will achieve dynamical and real- 
time inform, authorization and auditing for the dafewwners when their private data being accessed. 
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